Before we get into the how-to, we felt it would be appropriate to explain a little bit about how this came to be. As many of you may remember, a couple of months ago we attended CES 2010. While there, we also attended the It Won’t Stay in Vegas Blogger party and ended up meeting [...]

GNU SIP Witch is a pure SIP-based office telephone call server that supports generic phone system features like call forwarding, hunt groups and call distribution, call coverage and ring groups, holding, and call transfer, as well as offering SIP rver, or an IP-PBX, and does not try to emulate Asterisk, FreeSWITCH, or Yate.

ARP Sniff (Sniffer Lite) is a tiny ARP sniffer. This tool will be useful to analyze the ARP packets in the network. The tool gives out two types of information, the 14 byte Ethernet header and 28 byte ARP header. The tool requires G++ compiler and a libpcap package. Three arguments are coded as of now. One is to list the available devices, second is to sniff the default device and third is to sniff the device given as argument. The sniffer outputs the Ethernet header (Source MAC address, Destination MAC address and Ethernet type), ARP Header (Hardware type, Protocol type, Hardware address length, Protocol address length, Opcode, Source Hardware address and Protocol address, Destination hardware address and Protocol address).

ARP Sniff (Sniffer Lite) is a tiny ARP sniffer. This tool will be useful to analyze the ARP packets in the network. The tool gives out two types of information, the 14 byte Ethernet header and 28 byte ARP header. The tool requires G++ compiler and a libpcap package. Three arguments are coded as of now. One is to list the available devices, second is to sniff the default device and third is to sniff the device given as argument. The sniffer outputs the Ethernet header (Source MAC address, Destination MAC address and Ethernet type), ARP Header (Hardware type, Protocol type, Hardware address length, Protocol address length, Opcode, Source Hardware address and Protocol address, Destination hardware address and Protocol address).

Secunia Research has discovered a security issue in Quicksilver Forums, which can be exploited by malicious, local users to disclose sensitive information. The application passes the database password via the command line to the mysqldump utility, which may disclose the password via the process list.

Secunia Research has discovered a security issue in Quicksilver Forums, which can be exploited by malicious people to disclose potentially sensitive information. The database backup functionality stores the database backup with a semi-predictable file name inside the web root. This can be exploited to download the backup by guessing the file name.

Secunia Research has discovered a vulnerability in Quicksilver Forums, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. execute arbitrary SQL queries by tricking a logged in administrator into visiting a malicious web site.

Hey guys, i have seen lots of documents about how to hack and ive tried many exploits on my test server (hp proliant dl380g3 i got off ebay :D). But ive never tryed rooting it before :S i looked around google but only found outdated papers from the 90s lol. i have seen webshells like c99 and r57, with options like "connect back" and "bind shell". Ive looked into it and found that for "connect back" you have to portfoward if it a remote host connecting to you, but not if its a lan. "Bind shell" is me doing "nc <ip> <port>", which is usually blocked by firewalls?

so people say "connect back" shell are the best but dont they show your ip address? also ive heard of data pipe shells which has something to do with irc?

This vulnerability allows remote attackers to execute arbitrary code on vulnerable software utilizing Apple's WebKit library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page.

-

Make your website safer. Use external penetration testing service. First report ready in one hour!

A vulnerability found in the memory management of the Virtual Machine Monitor makes memory pages mapped above the 2GB available with read or read/write access to user-space programs running in a Guest operating system.

-

Make your website safer. Use external penetration testing service. First report ready in one hour!

Remote exploitation of a memory corruption vulnerability in WebKit, as included with multiple vendors' browsers, could allow an attacker to execute arbitrary code with the privileges of the current user.

-

Make your website safer. Use external penetration testing service. First report ready in one hour!

NGX Technologies sent us this Blueboard LPC1768-H to play with. It’s basically a breakout board for an NXP LPC1768 ARM cortex-M3 microcontroller (datasheet). The board adds a few extra goodies, such as a choice of mini-USB connector or barrel-jack to provide regulated power to the chip. There’s also a clock crystal for the internal RTC [...]

The Ferret is a high-altitude balloon tracking hardware package. Created by [Adam Greig] and [Jon Sowman], it uses an Arduino to gather NMEA data from a GPS unit, format the data into a string, and transmit that string on narrow-band FM. The project, built in one afternoon, is a tribute to the prototyping simplicity the [...]

In the video above you’ll see two of our favorite things combined, a quad-copter that is voice controlled. The robot responds to natural language so you can tell it to “take off and fly forward six feet”, rather than rely on a cryptic command set. The demonstration shows both an iPhone and a headset used [...]

[Michael Ossmann] rolled out some firmware that makes his IM-ME into a Spectrum Analyzer. He met up with [Travis Goodspeed], who authored the IM-ME flashing guide, at SchmooCon and spent some time hacking wireless doo-dads in the hotel bar. Once he arrived home the new firmware was just a few coding sessions away from completion. [...]

The University of Wisconsin is hosting a tutorial on how to make your own Organic Light Emitting Diodes. This is so amazingly awesome. We want you guys to make some. Someone make your own matrix and display some patterns on it and submit it. Please. Though we’ve seen lots of uses for OLED screens, we never really [...]

No, your eyes do not deceive you, you are looking at a [Bill Paxton] pinball machine. [Ben Heck], commonly known for his portable gaming system modifications has finally finished his pinball machine build. We’ve had our eye on it ever since [Jeri Ellsworth] challenged him to see who got theirs done first. As you can see, he’s [...]

Hello everyone my keyboard was working fine then all of a sudden it started acting up. Now when I boot into linux the keyboard works fine till I start the Xsever. At first I thought that the keyboard stopped working so I restarted it and still had the same problem. I ended up restarting it 8 times then I finally got pissed off and started to hit the keyboard now when I was done hitting it I kinda kept my hand on it and noticed it still types but I have to hold it for a long period of time for it to start typing. I have to hold the button for like 1-2 Sec for it to type one letter. Then i checked the keyboard setting and they where fine so any suggestions would be great.

Please Please get back to me on this I really don't want to reinstall it.